Vulnerability in Microsoft Windows

CVE-2016-9415

MyBB (aka MyBulletinBoard) before 1.8.8 on Windows and MyBB Merge System before 1.8.8 on Windows allow remote attackers to overwrite arbitrary CSS files via vectors related to "style import."

EPSS: 0.019 (76.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.5 (High). Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N.

Affected products

Weakness classification (CWE)

References

  • cve@mitre.org (x_refsource_CONFIRM, Patch, Release Notes, Vendor Advisory)
  • cve@mitre.org (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
  • cve@mitre.org (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
  • cve@mitre.org (VDB Entry, Third Party Advisory, vdb-entry, x_refsource_BID)

Frequently asked questions

What is CVE-2016-9415?
CVE-2016-9415 is a high-severity vulnerability in Microsoft Windows, classified under Improper Access Control. CVSS score: 7.5/10. Published 2017-01-31.
How severe is CVE-2016-9415?
High severity. CVSS v3 base score is 7.5 out of 10.